Define the Access Settings for Non-Secure Original WebX Connections

You can configure your system so that WebX and Original WebX clients can access the ClearSCADA database via non-secure HTTP connections (see Define the Ports Settings for Original WebX Clients). As HTTP connections are unsecure, potentially the communications could be intercepted and used for malicious purposes. For this reason, ClearSCADA has certain safeguards in place by default:

However, in certain specific circumstances (such as testing a system), there may be a need for an engineer to log on and issue controls via an unsecure connection. To facilitate this, the Server Configuration Tool’s WebX settings include an Allow Logon and Database Writes Over Non-Secure HTTP check box.

When selected, this will allow engineers to log on and issue controls over a HTTP connection.

You should only select the Allow Logon and Database Writes Over Non-Secure HTTP check box if you are fully aware of the security risks and are prepared to accept the lowered level of security. We would not advise selecting the check box on a fully commissioned live system. Once the commissioning work using non-secure connections is complete, and before the system goes live, ensure that the check box is cleared so that log ons and write actions only take place over secure connections.

NOTICE

POTENTIAL SECURITY BREACH

Do not select the Allow Logon and Database Writes Over Non-Secure HTTP check box unless you are fully aware of the security risks and are prepared to accept the lowered level of security. We would not advise selecting the check box on a fully commissioned live system. The Allow Logon and Database Writes Over Non-Secure HTTP check box should be clear so that log ons and write actions to the database only take place over secure connections.
Failure to follow these instructions can result in equipment damage.

Disclaimer

ClearSCADA 2017 R3